Malware has compromised tens of thousands of devices to mine cryptocurrency and steal funds, yet it has only managed to secure around $6,000.
On 8 October, cybersecurity firm Doctor Web reported the detection of malware masquerading as legitimate software, including office applications, gaming cheats, and online trading bots.
This cryptojacking and theft software has infected over 28,000 users, primarily in Russia, with additional cases in Belarus, Uzbekistan, Kazakhstan, Ukraine, Kyrgyzstan, and Turkey.
While the hackers collected about $6,000 worth of cryptocurrency, it remains unclear how much the malware's creator may have gained from crypto mining.
Doctor Web noted that the malware was distributed through fraudulent GitHub pages and malicious links in YouTube video descriptions.
Once a device is compromised, the stealthy software hijacks computing resources for mining.
Additionally, a component known as a "Clipper" monitors the clipboard for cryptocurrency wallet addresses, replacing them with those controlled by the attackers, facilitating their small-scale theft.
The malware employs advanced techniques to evade detection, including using password-protected archives to avoid antivirus scans, disguising harmful files as legitimate system components, and executing malicious scripts with authorised software.
Doctor Web advised that many victims fell prey by installing pirated versions of popular programmes and recommended obtaining software only from official sources.
Clipboard-changing malware has existed for years, gaining significant traction following the 2017 cryptocurrency bull market.
It is a type of malicious software that sneaks onto your computer or phone and secretly alters the information you copy to your clipboard (the place where data is temporarily stored when you cut or copy text).
For example, if you copy a cryptocurrency wallet address to send money, the malware can replace it with a different address.
This means that, instead of sending your money to the intended person, it gets sent to the criminal's account.
This increased complexity makes them more dangerous and difficult to detect, posing a growing threat to unsuspecting users, especially in financial transactions like cryptocurrency transfers.
Over time, these malicious programmes have evolved, becoming more sophisticated by incorporating clipboard hijacking with other harmful features.
Travala (AVA) surged 300% after CZ revealed Binance’s early investment and the platform’s $100 million in annual revenue. However, with AVA's price dipping nearly 15%, can Travala make a comeback and deliver a holiday miracle?
CatherineCyberKongz recently received a Wells Notice from the SEC regarding NFTs and ERC-20 tokens. The collection has been critical of the current administration's crypto stance and is now focused on advocating for clearer, more transparent regulations in the NFT space.
CatherineThe SEC has issued Wells Notices to both Unicoin and CyberKongz, accusing them of fraud and unregistered securities violations. Unicoin plans to fight the charges, while CyberKongz disputes the SEC’s claims, calling them a misunderstanding of blockchain technology.
AnaisLido has stopped new staking on Polygon, but users can withdraw staked MATIC until 16 June 2025. The move follows low adoption and Lido's strategic focus on Ethereum.
KikyoScammers are targeting crypto investors through social media platforms like YouTube, WhatsApp, and Telegram, offering fake trading advice and fraudulent investment schemes. They lure victims with fake platforms, celebrity endorsements, and manipulated interactions, leading to significant financial losses.
WeatherlyMeta's AI-powered Ray-Ban glasses now offer live AI, real-time translation, and music recognition, blending advanced features into daily life. Are these smart shades the future of wearable tech?
CatherineAmazon is using AI and machine learning to combat rising impersonation scams, especially during the holiday season. The company has successfully shut down thousands of phishing sites and phone numbers, but stresses the importance of collaboration with other industry players to fight fraud effectively.
AnaisOpenAI has launched a new search feature in ChatGPT, now available to all users, challenging Google’s dominance in the search engine market. The feature offers real-time information with web-sourced citations, marking a significant expansion for OpenAI in the AI-driven search space.
WeatherlyThe US Senate Banking Committee has cancelled Caroline Crenshaw’s renomination, ending her tenure as SEC commissioner. Known for her anti-crypto stance, Crenshaw opposed Bitcoin ETFs and pushed for stricter crypto oversight. While the crypto community celebrates, is the victory premature?
CatherineCrypto.com CEO Kris Marszalek met with President-elect Trump to discuss crypto appointments and Bitcoin reserves, as the exchange dropped its SEC lawsuit. Are more crypto-friendly appointments on the horizon?
Kikyo
